Scribd
Upload
174 views19 pages

How To Configure SSH Key-Based Authentication On A Linux Server - DigitalOcean

This document provides instructions for configuring SSH key-based authentication on a Linux server. It describes generating an SSH key pair on the client using ssh-keygen, copying the public key to the server's authorized_keys file, and disabling password authentication in the SSH daemon configuration. Configuring an SSH key allows logging into the server without needing to enter a password.

Uploaded by

geko1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
174 views19 pages

How To Configure SSH Key-Based Authentication On A Linux Server - DigitalOcean

This document provides instructions for configuring SSH key-based authentication on a Linux server. It describes generating an SSH key pair on the client using ssh-keygen, copying the public key to the server's authorized_keys file, and disabling password authentication in the SSH daemon configuration. Configuring an SSH key allows logging into the server without needing to enter a password.

Uploaded by

geko1
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 19

How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

fail2ban

1 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

~/.ssh/authorized_keys

ssh-keygen

ssh-keygen

Generating public/private rsa key pair.


Enter file in which to save the key (/home/username/.ssh/id_rsa):

~/.ssh
id_rsa id_rsa.pub

2 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

/home/username/.ssh/id_rsa already exists.


Overwrite (y/n)?

Created directory '/home/username/.ssh'.


Enter passphrase (empty for no passphrase):
Enter same passphrase again:

3 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

Your identification has been saved in /home/username/.ssh/id_rsa.


Your public key has been saved in /home/username/.ssh/id_rsa.pub.
The key fingerprint is:
a9:49:2e:2a:5e:33:3e:a9:de:4e:77:11:58:b6:90:26 username@remote_host
The key's randomart image is:
+--[ RSA 2048]----+
| ..o |
| E o= . |
| o. o |
| .. |
| ..S |
| o o. |
| =o.+. |
|. =++.. |
|o=++. |
+-----------------+

4 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

cat ~/.ssh/id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNqqi1mHLnryb1FdbePrSZQdmXRZxGZbo0gTfglysq6KMNUNY2

5 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

~/.ssh
/authorized_keys

ssh-copy-id

ssh-copy-id

ssh-copy-id username@remote_host

The authenticity of host '111.111.11.111 (111.111.11.111)' can't be established.


ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes

6 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

id_rsa.pub

/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now i
[email protected]'s password:

~/.ssh/id_rsa.pub ~/.ssh
authorized_keys

Number of key(s) added: 1

Now try logging into the machine, with: "ssh '[email protected]'"


and check to make sure that only the key(s) you wanted were added.

id_rsa.pub

ssh-copy-id

~/.ssh

authorized_keys

>>

7 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

cat ~/.ssh/id_rsa.pub | ssh username@remote_host "mkdir -p ~/.ssh && cat >> ~/.ssh/autho

The authenticity of host '111.111.11.111 (111.111.11.111)' can't be established.


ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes

[email protected]'s password:

id_rsa.pub
authorized_keys

id_rsa.pub ~/.ssh/authorized_keys

id_rsa.pub

cat ~/.ssh/id_rsa.pub

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqql6MzstZYh1TmWWv11q5O3pISj2ZFl9HgH1JLknLLx44+tXf

8 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

~/.ssh

mkdir -p ~/.ssh

authorized_keys
id_rsa.pub authorized_keys

echo public_key_string >> ~/.ssh/authorized_keys

public_key_string cat ~/.ssh


/id_rsa.pub ssh-rsa AAAA...

ssh username@remote_host

The authenticity of host '111.111.11.111 (111.111.11.111)' can't be established.


ECDSA key fingerprint is fd:fd:d4:f9:77:fe:73:84:e1:55:00:ad:d6:6d:22:fe.
Are you sure you want to continue connecting (yes/no)? yes

9 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

sudo

sudo

sudo nano /etc/ssh/sshd_config

PasswordAuthentication

PasswordAuthentication no

sudo service ssh restart

sshd

sudo service sshd restart

10 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

11 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

ssh -i

Host REMOTE_HOST_IP # should be xxx.xxx.xxx.xx


IdentityFile LOCATION_OF_YOUR_PRIVATE_KEY # for example ~/.ssh/myprivatekey (notic

12 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

13 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

14 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

ssh-keygen id_rsa

ssh-copy-id

15 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

16 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

17 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

testClient testServer

testClient

ssh-keygen
~/.ssh/authorized_keys
ssh-copy-id

testServer ~/.ssh
/authorized_keys ssh-copy-id testServer@Server-
B_IP_address testServer

ssh-copy-id
ssh ssh testServer@Server-B_IP_address

18 of 19 3/5/2018, 5:21 PM
How To Configure SSH Key-Based Authentication on a Linux Server | D... https://www.digitalocean.com/community/tutorials/how-to-configure-ssh...

19 of 19 3/5/2018, 5:21 PM

You might also like